Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CybozuCybozu Garoon

125 matches found

CVE
CVEadded 2021/08/18 6:15 a.m.37 views

CVE-2021-20763

Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege.

4.3CVSS4.6AI score0.00157EPSS
CVE
CVEadded 2009/04/23 5:30 p.m.36 views

CVE-2008-6744

Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8CVSS7.3AI score0.00334EPSS
CVE
CVEadded 2018/04/16 2:29 p.m.36 views

CVE-2018-0551

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

5.4CVSS5.5AI score0.00171EPSS
CVE
CVEadded 2019/05/17 4:29 p.m.36 views

CVE-2019-5938

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Mail'.

6.1CVSS5.5AI score0.0026EPSS
CVE
CVEadded 2019/05/17 4:29 p.m.36 views

CVE-2019-5941

Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction alter the Report without access privileges via the application 'Multi Report'.

4.3CVSS4.6AI score0.00188EPSS
CVE
CVEadded 2021/08/18 6:15 a.m.36 views

CVE-2021-20769

Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

5.4CVSS5.3AI score0.00209EPSS
CVE
CVEadded 2018/04/16 2:29 p.m.35 views

CVE-2018-0548

Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to bypass access restriction to view the closed title of "Space" via unspecified vectors.

5CVSS5AI score0.00141EPSS
CVE
CVEadded 2018/04/16 2:29 p.m.35 views

CVE-2018-0550

Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to view the closed title of "Cabinet" via unspecified vectors.

4.3CVSS5AI score0.00135EPSS
CVE
CVEadded 2018/07/26 5:29 p.m.35 views

CVE-2018-0607

SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

8.8CVSS8.7AI score0.00677EPSS
CVE
CVEadded 2019/05/17 4:29 p.m.35 views

CVE-2019-5947

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'.

5.4CVSS4.8AI score0.00195EPSS
CVE
CVEadded 2020/06/30 11:15 a.m.35 views

CVE-2020-5580

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors.

8.1CVSS7.4AI score0.00215EPSS
CVE
CVEadded 2020/06/30 11:15 a.m.35 views

CVE-2020-5584

Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors.

7.5CVSS7.4AI score0.004EPSS
CVE
CVEadded 2020/06/30 11:15 a.m.35 views

CVE-2020-5587

Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors.

6.5CVSS6.3AI score0.00249EPSS
CVE
CVEadded 2021/08/18 6:15 a.m.35 views

CVE-2021-20756

Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege.

4.3CVSS4.6AI score0.00157EPSS
CVE
CVEadded 2021/08/18 6:15 a.m.35 views

CVE-2021-20761

Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege.

3.5CVSS4.3AI score0.00147EPSS
CVE
CVEadded 2021/08/18 6:15 a.m.35 views

CVE-2021-20768

Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege.

4.3CVSS4.7AI score0.00193EPSS
CVE
CVEadded 2021/08/18 6:15 a.m.35 views

CVE-2021-20775

Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege.

4.3CVSS4.6AI score0.0016EPSS
CVE
CVEadded 2017/06/09 4:29 p.m.34 views

CVE-2016-4907

Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.

8.8CVSS8.5AI score0.00317EPSS
CVE
CVEadded 2017/06/09 4:29 p.m.33 views

CVE-2016-4908

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors.

4.3CVSS4.6AI score0.00209EPSS
CVE
CVEadded 2019/05/17 4:29 p.m.33 views

CVE-2019-5930

Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application 'Management of Basic System'.

4.3CVSS5.1AI score0.00153EPSS
CVE
CVEadded 2019/05/17 4:29 p.m.33 views

CVE-2019-5940

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Scheduler'.

6.1CVSS5.5AI score0.0026EPSS
CVE
CVEadded 2019/01/09 11:29 p.m.32 views

CVE-2018-16178

Cybozu Garoon 3.0.0 to 4.10.0 allows remote attackers to bypass access restriction to view information available only for a sign-on user via Single sign-on function.

7.5CVSS7.4AI score0.0023EPSS
CVE
CVEadded 2020/06/30 11:15 a.m.32 views

CVE-2020-5581

Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors.

6.5CVSS6.2AI score0.00276EPSS
CVE
CVEadded 2020/06/30 11:15 a.m.32 views

CVE-2020-5585

Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.

4.8CVSS5.6AI score0.00403EPSS
CVE
CVEadded 2020/06/30 11:15 a.m.29 views

CVE-2020-5588

Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors.

4.9CVSS5.5AI score0.00417EPSS
Total number of security vulnerabilities125